acl_check.cc
// g++ acl_check.cc -o acl_check.exe -lpsapi
#include <windows.h>
#include <stdio.h>
#include <psapi.h>
#define MAX_NAME 256
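// Reports one process that the current token can open with PROCESS_ALL_ACCESS.
//
// Prints "<domain>\<account>\tPROCESS_ALL_ACCESS\tPID: <pid>\t<image path>" to
// stdout, where the account is the user of the target process's primary token.
// A line for a process owned by a different or more privileged account means
// the caller passed the access check for full access to it (permissive process
// DACL, or a privilege such as SeDebugPrivilege held by the caller), which is
// the condition this audit is meant to surface.
//
// Returns 0 when the process was reported or could not be opened at all,
// 2 when OpenProcessToken fails, 3 when the size query fails for a reason other
// than ERROR_INSUFFICIENT_BUFFER, and 4 when the token user cannot be read
// (including allocation failure). Every handle and allocation acquired here is
// released on every path.
static int report_process(DWORD pid)
{
    HANDLE process = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pid);
    if (process == NULL)
    {
        // Access denied (or the process exited): nothing to report.
        return 0;
    }

    int rc = 0;
    HANDLE token = NULL;
    PTOKEN_USER user_info = NULL;
    DWORD info_size = 0;

    if (!OpenProcessToken(process, TOKEN_QUERY, &token))
    {
        fprintf(stderr, "OpenProcessToken failed (%lu)\n", (unsigned long)GetLastError());
        token = NULL;
        rc = 2;
    }

    // First call only asks for the required buffer size; it is expected to
    // fail with ERROR_INSUFFICIENT_BUFFER.
    if (rc == 0 && !GetTokenInformation(token, TokenUser, NULL, 0, &info_size))
    {
        if (GetLastError() != ERROR_INSUFFICIENT_BUFFER)
        {
            rc = 3;
        }
    }

    if (rc == 0)
    {
        user_info = (PTOKEN_USER)GlobalAlloc(GPTR, info_size);
        if (user_info == NULL)
        {
            fprintf(stderr, "GlobalAlloc failed (%lu)\n", (unsigned long)GetLastError());
            rc = 4;
        }
        else if (!GetTokenInformation(token, TokenUser, user_info, info_size, &info_size))
        {
            fprintf(stderr, "GetTokenInformation failed (%lu)\n", (unsigned long)GetLastError());
            rc = 4;
        }
    }

    if (rc == 0)
    {
        // Pre-filled so the report line never prints uninitialized memory when
        // a lookup fails (e.g. a SID that no longer maps to an account).
        char account[MAX_NAME] = "<unknown>";
        char domain[MAX_NAME] = "<unknown>";
        char image_path[MAX_PATH] = "<unknown>";

        // Each output buffer needs its own in/out length set to that buffer's
        // capacity; the token-information size is unrelated to either.
        DWORD account_len = MAX_NAME;
        DWORD domain_len = MAX_NAME;
        SID_NAME_USE sid_type;

        if (!LookupAccountSidA(NULL, user_info->User.Sid,
                               account, &account_len,
                               domain, &domain_len,
                               &sid_type))
        {
            // The buffers may have been partially written; reset both.
            snprintf(account, sizeof(account), "%s", "<unknown>");
            snprintf(domain, sizeof(domain), "%s", "<unknown>");
        }

        // ANSI variant so the char buffer always matches the %s conversion,
        // whether or not UNICODE is defined at build time.
        if (GetModuleFileNameExA(process, NULL, image_path, MAX_PATH) == 0)
        {
            snprintf(image_path, sizeof(image_path), "%s", "<unknown>");
        }

        fprintf(stdout, "%s\\%s\tPROCESS_ALL_ACCESS\tPID: %lu\t%s\n",
                domain, account, (unsigned long)pid, image_path);
    }

    if (user_info != NULL)
    {
        GlobalFree(user_info);
    }
    if (token != NULL)
    {
        CloseHandle(token);
    }
    CloseHandle(process);
    return rc;
}

// Enumerates the running processes and reports each one the current user can
// open with PROCESS_ALL_ACCESS, together with the account that owns it.
//
// Exit status: 0 on success, 1 when EnumProcesses fails, otherwise the first
// non-zero code returned by report_process (2, 3 or 4).
int main()
{
    DWORD pids[1024];
    DWORD bytes_returned = 0;

    if (!EnumProcesses(pids, sizeof(pids), &bytes_returned))
    {
        fprintf(stderr, "EnumProcesses failed (%lu)\n", (unsigned long)GetLastError());
        return 1;
    }

    // EnumProcesses gives no explicit truncation signal: a completely filled
    // array means there may be more processes than were returned.
    if (bytes_returned == sizeof(pids))
    {
        fprintf(stderr, "Warning: process list may be truncated at %lu entries\n",
                (unsigned long)(sizeof(pids) / sizeof(pids[0])));
    }

    DWORD pid_count = bytes_returned / sizeof(DWORD);
    fprintf(stdout, "Number of processes: %lu\n", (unsigned long)pid_count);

    for (DWORD idx = 0; idx < pid_count; idx++)
    {
        if (pids[idx] == 0)
        {
            continue;
        }

        int rc = report_process(pids[idx]);
        if (rc != 0)
        {
            return rc;
        }
    }

    return 0;
}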